Suyu/mbedtls
1
0
Fork 0
mirror of https://git.suyu.dev/suyu/mbedtls.git synced 2026-01-04 21:56:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'development' into dtls

Browse source 
* development: (46 commits)
  Fix url again
  Fix small bug in base64_encode()
  Fix depend that was checked but not documented
  Fix dependency that was not checked
  Minor gitginore fixes
  Move some ignore patterns to subdirectories
  Ignore CMake/MSVC-related build files.
  Re-categorize changelog entry
  Fix misattribution
  Minor nits with stdout/stderr.
  Add cmake compatibility targets
  Add script for polarssl symlink creation
  Fix more stdio inclusion issues
  Add debug info for cert/suite selection
  Fix possible portability issue
  Fix bug in ssl_get_verify_result()
  aescrypt2.c local char array not initial
  Update Changelog
  Fix mips64 bignum implementation
  Fix usage string of ssl_client2
  ...

Conflicts:
	include/polarssl/ssl.h
	library/CMakeLists.txt
	library/Makefile
	programs/Makefile
	programs/ssl/ssl_client2.c
	programs/ssl/ssl_server2.c
	visualc/VS2010/PolarSSL.sln
	visualc/VS2010/mbedTLS.vcxproj
	visualc/VS6/mbedtls.dsp
	visualc/VS6/mbedtls.dsw
This commit is contained in:
Manuel Pégourié-Gonnard 2015-01-29 11:29:12 +00:00
commit 2a0718d947
267 changed files with 5475 additions and 3350 deletions
Download patch file Download diff file Expand all files Collapse all files

2
programs/x509/CMakeLists.txt
View file

@ -1,5 +1,5 @@
set(libs
polarssl
mbedtls
)
if(USE_PKCS11_HELPER_LIBRARY)

101
programs/x509/cert_app.c
View file

@ -3,7 +3,7 @@
*
* Copyright (C) 2006-2013, ARM Limited, All Rights Reserved
*
* This file is part of mbed TLS (https://www.polarssl.org)
* This file is part of mbed TLS (https://polarssl.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -26,6 +26,13 @@
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#define polarssl_fprintf fprintf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
@ -46,7 +53,7 @@ int main( int argc, char *argv[] )
((void) argc);
((void) argv);
printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_ENTROPY_C and/or "
"POLARSSL_SSL_TLS_C and/or POLARSSL_SSL_CLI_C and/or "
"POLARSSL_NET_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRT_PARSE_C and/or POLARSSL_FS_IO and/or "
@ -89,7 +96,7 @@ static void my_debug( void *ctx, int level, const char *str )
{
if( level < opt.debug_level )
{
fprintf( (FILE *) ctx, "%s", str );
polarssl_fprintf( (FILE *) ctx, "%s", str );
fflush( (FILE *) ctx );
}
}
@ -99,33 +106,33 @@ static int my_verify( void *data, x509_crt *crt, int depth, int *flags )
char buf[1024];
((void) data);
printf( "\nVerify requested for (Depth %d):\n", depth );
polarssl_printf( "\nVerify requested for (Depth %d):\n", depth );
x509_crt_info( buf, sizeof( buf ) - 1, "", crt );
printf( "%s", buf );
polarssl_printf( "%s", buf );
if( ( (*flags) & BADCERT_EXPIRED ) != 0 )
printf( " ! server certificate has expired\n" );
polarssl_printf( " ! server certificate has expired\n" );
if( ( (*flags) & BADCERT_REVOKED ) != 0 )
printf( " ! server certificate has been revoked\n" );
polarssl_printf( " ! server certificate has been revoked\n" );
if( ( (*flags) & BADCERT_CN_MISMATCH ) != 0 )
printf( " ! CN mismatch\n" );
polarssl_printf( " ! CN mismatch\n" );
if( ( (*flags) & BADCERT_NOT_TRUSTED ) != 0 )
printf( " ! self-signed or not signed by a trusted CA\n" );
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
if( ( (*flags) & BADCRL_NOT_TRUSTED ) != 0 )
printf( " ! CRL not trusted\n" );
polarssl_printf( " ! CRL not trusted\n" );
if( ( (*flags) & BADCRL_EXPIRED ) != 0 )
printf( " ! CRL expired\n" );
polarssl_printf( " ! CRL expired\n" );
if( ( (*flags) & BADCERT_OTHER ) != 0 )
printf( " ! other (unknown) flag\n" );
polarssl_printf( " ! other (unknown) flag\n" );
if ( ( *flags ) == 0 )
printf( " This certificate has no flags\n" );
polarssl_printf( " This certificate has no flags\n" );
return( 0 );
}
@ -184,7 +191,7 @@ int main( int argc, char *argv[] )
if( argc == 0 )
{
usage:
printf( USAGE );
polarssl_printf( USAGE );
ret = 2;
goto exit;
}
@ -256,7 +263,7 @@ int main( int argc, char *argv[] )
/*
* 1.1. Load the trusted CA
*/
printf( " . Loading the CA root certificate ..." );
polarssl_printf( " . Loading the CA root certificate ..." );
fflush( stdout );
if( strlen( opt.ca_path ) )
@ -272,18 +279,18 @@ int main( int argc, char *argv[] )
if( ret < 0 )
{
printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
polarssl_printf( " failed\n ! x509_crt_parse returned -0x%x\n\n", -ret );
goto exit;
}
printf( " ok (%d skipped)\n", ret );
polarssl_printf( " ok (%d skipped)\n", ret );
#if defined(POLARSSL_X509_CRL_PARSE_C)
if( strlen( opt.crl_file ) )
{
if( ( ret = x509_crl_parse_file( &cacrl, opt.crl_file ) ) != 0 )
{
printf( " failed\n ! x509_crl_parse returned -0x%x\n\n", -ret );
polarssl_printf( " failed\n ! x509_crl_parse returned -0x%x\n\n", -ret );
goto exit;
}
@ -300,43 +307,43 @@ int main( int argc, char *argv[] )
/*
* 1.1. Load the certificate(s)
*/
printf( "\n . Loading the certificate(s) ..." );
polarssl_printf( "\n . Loading the certificate(s) ..." );
fflush( stdout );
ret = x509_crt_parse_file( &crt, opt.filename );
if( ret < 0 )
{
printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
polarssl_printf( " failed\n ! x509_crt_parse_file returned %d\n\n", ret );
x509_crt_free( &crt );
goto exit;
}
if( opt.permissive == 0 && ret > 0 )
{
printf( " failed\n ! x509_crt_parse failed to parse %d certificates\n\n", ret );
polarssl_printf( " failed\n ! x509_crt_parse failed to parse %d certificates\n\n", ret );
x509_crt_free( &crt );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
/*
* 1.2 Print the certificate(s)
*/
while( cur != NULL )
{
printf( " . Peer certificate information ...\n" );
polarssl_printf( " . Peer certificate information ...\n" );
ret = x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
cur );
if( ret == -1 )
{
printf( " failed\n ! x509_crt_info returned %d\n\n", ret );
polarssl_printf( " failed\n ! x509_crt_info returned %d\n\n", ret );
x509_crt_free( &crt );
goto exit;
}
printf( "%s\n", buf );
polarssl_printf( "%s\n", buf );
cur = cur->next;
}
@ -346,29 +353,29 @@ int main( int argc, char *argv[] )
*/
if( verify )
{
printf( " . Verifying X.509 certificate..." );
polarssl_printf( " . Verifying X.509 certificate..." );
if( ( ret = x509_crt_verify( &crt, &cacert, &cacrl, NULL, &flags,
my_verify, NULL ) ) != 0 )
{
printf( " failed\n" );
polarssl_printf( " failed\n" );
if( ( ret & BADCERT_EXPIRED ) != 0 )
printf( " ! server certificate has expired\n" );
polarssl_printf( " ! server certificate has expired\n" );
if( ( ret & BADCERT_REVOKED ) != 0 )
printf( " ! server certificate has been revoked\n" );
polarssl_printf( " ! server certificate has been revoked\n" );
if( ( ret & BADCERT_CN_MISMATCH ) != 0 )
printf( " ! CN mismatch (expected CN=%s)\n", opt.server_name );
polarssl_printf( " ! CN mismatch (expected CN=%s)\n", opt.server_name );
if( ( ret & BADCERT_NOT_TRUSTED ) != 0 )
printf( " ! self-signed or not signed by a trusted CA\n" );
polarssl_printf( " ! self-signed or not signed by a trusted CA\n" );
printf( "\n" );
polarssl_printf( "\n" );
}
else
printf( " ok\n" );
polarssl_printf( " ok\n" );
}
x509_crt_free( &crt );
@ -378,7 +385,7 @@ int main( int argc, char *argv[] )
/*
* 1. Initialize the RNG and the session data
*/
printf( "\n . Seeding the random number generator..." );
polarssl_printf( "\n . Seeding the random number generator..." );
fflush( stdout );
entropy_init( &entropy );
@ -386,23 +393,23 @@ int main( int argc, char *argv[] )
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
polarssl_printf( " failed\n ! ctr_drbg_init returned %d\n", ret );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
/*
* 2. Start the connection
*/
printf( " . SSL connection to tcp/%s/%-4d...", opt.server_name,
polarssl_printf( " . SSL connection to tcp/%s/%-4d...", opt.server_name,
opt.server_port );
fflush( stdout );
if( ( ret = net_connect( &server_fd, opt.server_name,
opt.server_port, NET_PROTO_TCP ) ) != 0 )
{
printf( " failed\n ! net_connect returned %d\n\n", ret );
polarssl_printf( " failed\n ! net_connect returned %d\n\n", ret );
goto exit;
}
@ -411,7 +418,7 @@ int main( int argc, char *argv[] )
*/
if( ( ret = ssl_init( &ssl ) ) != 0 )
{
printf( " failed\n ! ssl_init returned %d\n\n", ret );
polarssl_printf( " failed\n ! ssl_init returned %d\n\n", ret );
goto exit;
}
@ -432,14 +439,14 @@ int main( int argc, char *argv[] )
if( ( ret = ssl_set_own_cert( &ssl, &clicert, &pkey ) ) != 0 )
{
printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
polarssl_printf( " failed\n ! ssl_set_own_cert returned %d\n\n", ret );
goto exit;
}
#if defined(POLARSSL_SSL_SERVER_NAME_INDICATION)
if( ( ret = ssl_set_hostname( &ssl, opt.server_name ) ) != 0 )
{
printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
polarssl_printf( " failed\n ! ssl_set_hostname returned %d\n\n", ret );
goto exit;
}
#endif
@ -451,28 +458,28 @@ int main( int argc, char *argv[] )
{
if( ret != POLARSSL_ERR_NET_WANT_READ && ret != POLARSSL_ERR_NET_WANT_WRITE )
{
printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
polarssl_printf( " failed\n ! ssl_handshake returned %d\n\n", ret );
ssl_free( &ssl );
goto exit;
}
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
/*
* 5. Print the certificate
*/
printf( " . Peer certificate information ...\n" );
polarssl_printf( " . Peer certificate information ...\n" );
ret = x509_crt_info( (char *) buf, sizeof( buf ) - 1, " ",
ssl.session->peer_cert );
if( ret == -1 )
{
printf( " failed\n ! x509_crt_info returned %d\n\n", ret );
polarssl_printf( " failed\n ! x509_crt_info returned %d\n\n", ret );
ssl_free( &ssl );
goto exit;
}
printf( "%s\n", buf );
polarssl_printf( "%s\n", buf );
ssl_close_notify( &ssl );
ssl_free( &ssl );
@ -494,7 +501,7 @@ exit:
entropy_free( &entropy );
#if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" );
polarssl_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif

42
programs/x509/cert_req.c
View file

@ -3,7 +3,7 @@
*
* Copyright (C) 2006-2011, ARM Limited, All Rights Reserved
*
* This file is part of mbed TLS (https://www.polarssl.org)
* This file is part of mbed TLS (https://polarssl.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -26,6 +26,12 @@
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
@ -43,7 +49,7 @@ int main( int argc, char *argv[] )
((void) argc);
((void) argv);
printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or "
polarssl_printf( "POLARSSL_X509_CSR_WRITE_C and/or POLARSSL_FS_IO and/or "
"POLARSSL_PK_PARSE_C and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C "
"not defined.\n");
@ -150,7 +156,7 @@ int main( int argc, char *argv[] )
if( argc == 0 )
{
usage:
printf( USAGE );
polarssl_printf( USAGE );
ret = 1;
goto exit;
}
@ -251,7 +257,7 @@ int main( int argc, char *argv[] )
/*
* 0. Seed the PRNG
*/
printf( " . Seeding the random number generator..." );
polarssl_printf( " . Seeding the random number generator..." );
fflush( stdout );
entropy_init( &entropy );
@ -259,58 +265,58 @@ int main( int argc, char *argv[] )
(const unsigned char *) pers,
strlen( pers ) ) ) != 0 )
{
printf( " failed\n ! ctr_drbg_init returned %d", ret );
polarssl_printf( " failed\n ! ctr_drbg_init returned %d", ret );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
/*
* 1.0. Check the subject name for validity
*/
printf( " . Checking subjet name..." );
polarssl_printf( " . Checking subjet name..." );
fflush( stdout );
if( ( ret = x509write_csr_set_subject_name( &req, opt.subject_name ) ) != 0 )
{
printf( " failed\n ! x509write_csr_set_subject_name returned %d", ret );
polarssl_printf( " failed\n ! x509write_csr_set_subject_name returned %d", ret );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
/*
* 1.1. Load the key
*/
printf( " . Loading the private key ..." );
polarssl_printf( " . Loading the private key ..." );
fflush( stdout );
ret = pk_parse_keyfile( &key, opt.filename, NULL );
if( ret != 0 )
{
printf( " failed\n ! pk_parse_keyfile returned %d", ret );
polarssl_printf( " failed\n ! pk_parse_keyfile returned %d", ret );
goto exit;
}
x509write_csr_set_key( &req, &key );
printf( " ok\n" );
polarssl_printf( " ok\n" );
/*
* 1.2. Writing the request
*/
printf( " . Writing the certificate request ..." );
polarssl_printf( " . Writing the certificate request ..." );
fflush( stdout );
if( ( ret = write_certificate_request( &req, opt.output_file,
ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
printf( " failed\n ! write_certifcate_request %d", ret );
polarssl_printf( " failed\n ! write_certifcate_request %d", ret );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
exit:
@ -318,9 +324,9 @@ exit:
{
#ifdef POLARSSL_ERROR_C
polarssl_strerror( ret, buf, sizeof( buf ) );
printf( " - %s\n", buf );
polarssl_printf( " - %s\n", buf );
#else
printf("\n");
polarssl_printf("\n");
#endif
}
@ -330,7 +336,7 @@ exit:
entropy_free( &entropy );
#if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" );
polarssl_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif

106
programs/x509/cert_write.c
View file

@ -3,7 +3,7 @@
*
* Copyright (C) 2006-2013, ARM Limited, All Rights Reserved
*
* This file is part of mbed TLS (https://www.polarssl.org)
* This file is part of mbed TLS (https://polarssl.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -26,6 +26,12 @@
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
@ -39,7 +45,7 @@ int main( int argc, char *argv[] )
((void) argc);
((void) argv);
printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
polarssl_printf( "POLARSSL_X509_CRT_WRITE_C and/or POLARSSL_X509_CRT_PARSE_C and/or "
"POLARSSL_FS_IO and/or "
"POLARSSL_ENTROPY_C and/or POLARSSL_CTR_DRBG_C and/or "
"POLARSSL_ERROR_C not defined.\n");
@ -216,7 +222,7 @@ int main( int argc, char *argv[] )
if( argc == 0 )
{
usage:
printf( USAGE );
polarssl_printf( USAGE );
ret = 1;
goto exit;
}
@ -358,12 +364,12 @@ int main( int argc, char *argv[] )
goto usage;
}
printf("\n");
polarssl_printf("\n");
/*
* 0. Seed the PRNG
*/
printf( " . Seeding the random number generator..." );
polarssl_printf( " . Seeding the random number generator..." );
fflush( stdout );
entropy_init( &entropy );
@ -372,25 +378,25 @@ int main( int argc, char *argv[] )
strlen( pers ) ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! ctr_drbg_init returned %d - %s\n", ret, buf );
polarssl_printf( " failed\n ! ctr_drbg_init returned %d - %s\n", ret, buf );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
// Parse serial to MPI
//
printf( " . Reading serial number..." );
polarssl_printf( " . Reading serial number..." );
fflush( stdout );
if( ( ret = mpi_read_string( &serial, 10, opt.serial ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! mpi_read_string returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! mpi_read_string returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
// Parse issuer certificate if present
//
@ -399,13 +405,13 @@ int main( int argc, char *argv[] )
/*
* 1.0.a. Load the certificates
*/
printf( " . Loading the issuer certificate ..." );
polarssl_printf( " . Loading the issuer certificate ..." );
fflush( stdout );
if( ( ret = x509_crt_parse_file( &issuer_crt, opt.issuer_crt ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509_crt_parse_file returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509_crt_parse_file returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
@ -414,13 +420,13 @@ int main( int argc, char *argv[] )
if( ret < 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
opt.issuer_name = issuer_name;
printf( " ok\n" );
polarssl_printf( " ok\n" );
}
#if defined(POLARSSL_X509_CSR_PARSE_C)
@ -431,13 +437,13 @@ int main( int argc, char *argv[] )
/*
* 1.0.b. Load the CSR
*/
printf( " . Loading the certificate request ..." );
polarssl_printf( " . Loading the certificate request ..." );
fflush( stdout );
if( ( ret = x509_csr_parse_file( &csr, opt.request_file ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509_csr_parse_file returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509_csr_parse_file returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
@ -446,14 +452,14 @@ int main( int argc, char *argv[] )
if( ret < 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509_dn_gets returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
opt.subject_name = subject_name;
subject_key = &csr.pk;
printf( " ok\n" );
polarssl_printf( " ok\n" );
}
#endif /* POLARSSL_X509_CSR_PARSE_C */
@ -462,7 +468,7 @@ int main( int argc, char *argv[] )
*/
if( !opt.selfsign && !strlen( opt.request_file ) )
{
printf( " . Loading the subject key ..." );
polarssl_printf( " . Loading the subject key ..." );
fflush( stdout );
ret = pk_parse_keyfile( &loaded_subject_key, opt.subject_key,
@ -470,14 +476,14 @@ int main( int argc, char *argv[] )
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! pk_parse_keyfile returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! pk_parse_keyfile returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
}
printf( " . Loading the issuer key ..." );
polarssl_printf( " . Loading the issuer key ..." );
fflush( stdout );
ret = pk_parse_keyfile( &loaded_issuer_key, opt.issuer_key,
@ -485,7 +491,7 @@ int main( int argc, char *argv[] )
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! pk_parse_keyfile returned -x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! pk_parse_keyfile returned -x%02x - %s\n\n", -ret, buf );
goto exit;
}
@ -499,13 +505,13 @@ int main( int argc, char *argv[] )
mpi_cmp_mpi( &pk_rsa( issuer_crt.pk )->E,
&pk_rsa( *issuer_key )->E ) != 0 )
{
printf( " failed\n ! issuer_key does not match issuer certificate\n\n" );
polarssl_printf( " failed\n ! issuer_key does not match issuer certificate\n\n" );
ret = -1;
goto exit;
}
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
if( opt.selfsign )
{
@ -522,25 +528,25 @@ int main( int argc, char *argv[] )
if( ( ret = x509write_crt_set_subject_name( &crt, opt.subject_name ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509write_crt_set_subject_name returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509write_crt_set_subject_name returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
if( ( ret = x509write_crt_set_issuer_name( &crt, opt.issuer_name ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509write_crt_set_issuer_name returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509write_crt_set_issuer_name returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
printf( " . Setting certificate values ..." );
polarssl_printf( " . Setting certificate values ..." );
fflush( stdout );
ret = x509write_crt_set_serial( &crt, &serial );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509write_crt_set_serial returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509write_crt_set_serial returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
@ -548,13 +554,13 @@ int main( int argc, char *argv[] )
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509write_crt_set_validity returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509write_crt_set_validity returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
printf( " . Adding the Basic Constraints extension ..." );
polarssl_printf( " . Adding the Basic Constraints extension ..." );
fflush( stdout );
ret = x509write_crt_set_basic_constraints( &crt, opt.is_ca,
@ -562,87 +568,87 @@ int main( int argc, char *argv[] )
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509write_crt_set_basic_contraints returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509write_crt_set_basic_contraints returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
#if defined(POLARSSL_SHA1_C)
printf( " . Adding the Subject Key Identifier ..." );
polarssl_printf( " . Adding the Subject Key Identifier ..." );
fflush( stdout );
ret = x509write_crt_set_subject_key_identifier( &crt );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509write_crt_set_subject_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509write_crt_set_subject_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
printf( " . Adding the Authority Key Identifier ..." );
polarssl_printf( " . Adding the Authority Key Identifier ..." );
fflush( stdout );
ret = x509write_crt_set_authority_key_identifier( &crt );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509write_crt_set_authority_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509write_crt_set_authority_key_identifier returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
#endif /* POLARSSL_SHA1_C */
if( opt.key_usage )
{
printf( " . Adding the Key Usage extension ..." );
polarssl_printf( " . Adding the Key Usage extension ..." );
fflush( stdout );
ret = x509write_crt_set_key_usage( &crt, opt.key_usage );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509write_crt_set_key_usage returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509write_crt_set_key_usage returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
}
if( opt.ns_cert_type )
{
printf( " . Adding the NS Cert Type extension ..." );
polarssl_printf( " . Adding the NS Cert Type extension ..." );
fflush( stdout );
ret = x509write_crt_set_ns_cert_type( &crt, opt.ns_cert_type );
if( ret != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! x509write_crt_set_ns_cert_type returned -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! x509write_crt_set_ns_cert_type returned -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
}
/*
* 1.2. Writing the request
*/
printf( " . Writing the certificate..." );
polarssl_printf( " . Writing the certificate..." );
fflush( stdout );
if( ( ret = write_certificate( &crt, opt.output_file,
ctr_drbg_random, &ctr_drbg ) ) != 0 )
{
polarssl_strerror( ret, buf, 1024 );
printf( " failed\n ! write_certifcate -0x%02x - %s\n\n", -ret, buf );
polarssl_printf( " failed\n ! write_certifcate -0x%02x - %s\n\n", -ret, buf );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
exit:
x509write_crt_free( &crt );
@ -653,7 +659,7 @@ exit:
entropy_free( &entropy );
#if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" );
polarssl_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif

26
programs/x509/crl_app.c
View file

@ -3,7 +3,7 @@
*
* Copyright (C) 2006-2013, ARM Limited, All Rights Reserved
*
* This file is part of mbed TLS (https://www.polarssl.org)
* This file is part of mbed TLS (https://polarssl.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -26,6 +26,12 @@
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
@ -39,7 +45,7 @@ int main( int argc, char *argv[] )
((void) argc);
((void) argv);
printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CRL_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@ -78,7 +84,7 @@ int main( int argc, char *argv[] )
if( argc == 0 )
{
usage:
printf( USAGE );
polarssl_printf( USAGE );
goto exit;
}
@ -100,39 +106,39 @@ int main( int argc, char *argv[] )
/*
* 1.1. Load the CRL
*/
printf( "\n . Loading the CRL ..." );
polarssl_printf( "\n . Loading the CRL ..." );
fflush( stdout );
ret = x509_crl_parse_file( &crl, opt.filename );
if( ret != 0 )
{
printf( " failed\n ! x509_crl_parse_file returned %d\n\n", ret );
polarssl_printf( " failed\n ! x509_crl_parse_file returned %d\n\n", ret );
x509_crl_free( &crl );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
/*
* 1.2 Print the CRL
*/
printf( " . CRL information ...\n" );
polarssl_printf( " . CRL information ...\n" );
ret = x509_crl_info( (char *) buf, sizeof( buf ) - 1, " ", &crl );
if( ret == -1 )
{
printf( " failed\n ! x509_crl_info returned %d\n\n", ret );
polarssl_printf( " failed\n ! x509_crl_info returned %d\n\n", ret );
x509_crl_free( &crl );
goto exit;
}
printf( "%s\n", buf );
polarssl_printf( "%s\n", buf );
exit:
x509_crl_free( &crl );
#if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" );
polarssl_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif

26
programs/x509/req_app.c
View file

@ -3,7 +3,7 @@
*
* Copyright (C) 2006-2013, ARM Limited, All Rights Reserved
*
* This file is part of mbed TLS (https://www.polarssl.org)
* This file is part of mbed TLS (https://polarssl.org)
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -26,6 +26,12 @@
#include POLARSSL_CONFIG_FILE
#endif
#if defined(POLARSSL_PLATFORM_C)
#include "polarssl/platform.h"
#else
#define polarssl_printf printf
#endif
#include <string.h>
#include <stdlib.h>
#include <stdio.h>
@ -39,7 +45,7 @@ int main( int argc, char *argv[] )
((void) argc);
((void) argv);
printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
polarssl_printf("POLARSSL_BIGNUM_C and/or POLARSSL_RSA_C and/or "
"POLARSSL_X509_CSR_PARSE_C and/or POLARSSL_FS_IO not defined.\n");
return( 0 );
}
@ -78,7 +84,7 @@ int main( int argc, char *argv[] )
if( argc == 0 )
{
usage:
printf( USAGE );
polarssl_printf( USAGE );
goto exit;
}
@ -100,39 +106,39 @@ int main( int argc, char *argv[] )
/*
* 1.1. Load the CSR
*/
printf( "\n . Loading the CSR ..." );
polarssl_printf( "\n . Loading the CSR ..." );
fflush( stdout );
ret = x509_csr_parse_file( &csr, opt.filename );
if( ret != 0 )
{
printf( " failed\n ! x509_csr_parse_file returned %d\n\n", ret );
polarssl_printf( " failed\n ! x509_csr_parse_file returned %d\n\n", ret );
x509_csr_free( &csr );
goto exit;
}
printf( " ok\n" );
polarssl_printf( " ok\n" );
/*
* 1.2 Print the CSR
*/
printf( " . CSR information ...\n" );
polarssl_printf( " . CSR information ...\n" );
ret = x509_csr_info( (char *) buf, sizeof( buf ) - 1, " ", &csr );
if( ret == -1 )
{
printf( " failed\n ! x509_csr_info returned %d\n\n", ret );
polarssl_printf( " failed\n ! x509_csr_info returned %d\n\n", ret );
x509_csr_free( &csr );
goto exit;
}
printf( "%s\n", buf );
polarssl_printf( "%s\n", buf );
exit:
x509_csr_free( &csr );
#if defined(_WIN32)
printf( " + Press Enter to exit this program.\n" );
polarssl_printf( " + Press Enter to exit this program.\n" );
fflush( stdout ); getchar();
#endif